Guide On How To Compile The Kernel On FreeBSD

Guide On How To Compile The Kernel On FreeBSD Allan Chr
2017-08-04T09:38:57+00:00

A Step By Step Guide On How To Compile The Kernel On FreeBSDThis can go so very wrong in so many ways. There is no apparent reason to compile your kernel unless you need some specific options which the generic kernel does not provide. There are other drawbacks as well by compiling a custom kernel. Such as every time you update your system, your custom kernel will be overwritten and you need to recompile your kernel from scratch.

So why are we doing this again? Well I do it because I like to have the FreeBSD firewall functionality compiled into the kernel. This is also the only way to enable the “Queuing” functionality. It is quite possible to run pf without compiling your kernel, and if you don’t need “Queuing” then I would just run pf from rc.conf so that the service would start at boot time.

Right let’s compile a custom kernel
We will compile some core firewall options into the kernel and the kernel will end up being called “OKINAWA” unless you change it.

First we need to change to the directory that holds the generic kernel configuration file. Then we will copy the “stock” generic configuration file to a “work” kernel configuration file and use that one for our modifications.

cd /usr/src/sys/amd64/conf
cp GENERIC OKINAWA
vi OKINAWA

Change the Identity i.e. name from GENERIC to something else. Kernel names are always written in capital letters.

ident GENERIC

In this guide we will use OKINAWA. A mentioned this can be anything you like as long as you avoid spaces and use all capital letters. So the line will look like this.

ident OKINAWA

Add or remove functionality to the kernel. Here we are adding some core firewall functionality. I suggest adding these somewhere in at the top of the configuration file where the other “options” are listed. Right add the following for Queuing support.

And for the firewall itself we will need to add the following. I suggest putting it somewhere below all the options where the other devices are being listed.

device pf
device pflog
device pfsync

So well time to compile the new kernel, this will take quite some time depending on your system, and or virtual machine configuration.

cd /usr/src
make buildkernel KERNCONF=OKINAWA

If there is any error, then “STOP” right there. Do not continue. Fix the error and run the above command again until no errors are being reported. Once this runs without errors the new kernel has been compiled. All we have to do now is to install it and reboot the system.